The collateral repository for The KQL Mysteries series
☆27 · Mar 8, 2024 · Updated 2 years ago
Alternatives and similar repositories for KQLMysteries
Users that are interested in KQLMysteries are comparing it to the libraries listed below
- Programming Microsoft Sentinel book ☆25 · Dec 13, 2023 · Updated 2 years ago
- KQL example queries for working in Azure ☆36 · Dec 1, 2025 · Updated 3 months ago
- A series of cloud focused KQL queries for threat hunting and DFIR ☆11 · Oct 21, 2025 · Updated 4 months ago
- Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions. ☆48 · Mar 2, 2026 · Updated last week
- Open source repository to help others learn about IaC and the various flavors ☆18 · Apr 16, 2024 · Updated last year
- AzureKitty is an Office 365 and Azure configuration audit tool ☆15 · Jan 28, 2024 · Updated 2 years ago
- Azure Sentinel KQL ☆472 · Jul 28, 2025 · Updated 7 months ago
- Copilot for Security Tools ☆17 · Apr 19, 2024 · Updated last year
- Code included as part of the MustLearnKQL blog series ☆1,150 · Jan 30, 2026 · Updated last month
- Terraform Azure Verified Resource Module for DevOps Pools ☆21 · Jan 8, 2026 · Updated 2 months ago
- ☆100 · Oct 22, 2025 · Updated 4 months ago
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint. ☆485 · Nov 22, 2024 · Updated last year
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more. ☆115 · Jan 18, 2026 · Updated last month
- Scripts and Content for working with Open AI ☆171 · Apr 18, 2025 · Updated 10 months ago
- Ian Hanley's deceptively simple KQL queries. ☆68 · Dec 27, 2025 · Updated 2 months ago
- Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM) ☆210 · Mar 1, 2026 · Updated last week
- "DevOps-The-Hard-Way-AWS" got a lot of traction, so I figured I'd make one for Azure! ☆36 · Feb 15, 2025 · Updated last year
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore ☆65 · Dec 26, 2022 · Updated 3 years ago
- My personal work with Copilot for Security ☆199 · Jun 27, 2025 · Updated 8 months ago
- Repository with Sample KQL Query examples for Threat Hunting ☆217 · Sep 1, 2022 · Updated 3 years ago
- Content Repo for Demystifying KQL Tutorial Series ☆72 · Sep 1, 2024 · Updated last year
- Version 2 of the Rhythm Randomizer project ☆13 · Jan 6, 2023 · Updated 3 years ago
- Microsoft DevBox Demos ☆10 · Mar 3, 2026 · Updated last week
- Microsoft Sentinel related content ☆38 · Jan 22, 2025 · Updated last year
- A course about terraform ☆11 · Apr 13, 2021 · Updated 4 years ago
- Python Wrapper for the Frantrax API ☆17 · Jan 1, 2026 · Updated 2 months ago
- Automate Entitlement Management in Azure AD Identity Governance using Microsoft Graph Powershell ☆15 · Sep 13, 2023 · Updated 2 years ago
- Before using Emagnet, please remember that with great power comes great responsibility. ☆22 · Mar 30, 2025 · Updated 11 months ago
- ☆10 · Jan 8, 2024 · Updated 2 years ago
- ☆11 · Jun 18, 2023 · Updated 2 years ago
- Queries from the blog posts. ☆15 · Oct 6, 2024 · Updated last year
- ☆62 · Dec 22, 2025 · Updated 2 months ago
- ☆11 · Dec 13, 2022 · Updated 3 years ago
- A thin wrapper around Bicep that will load all bicep assemblies in a separate context to avoid conflicts with other modules. ☆10 · Oct 7, 2024 · Updated last year
- ☆12 · Feb 9, 2025 · Updated last year
- Quick module to deploy a Linux VM to Azure with Ansible installed at bootup - by @JesseLoudon ☆11 · Dec 9, 2025 · Updated 3 months ago
- Metasploitable3 CTF Write-up ☆40 · Dec 12, 2017 · Updated 8 years ago
- Basic boilerplate for web apps, MVC pattern. ☆11 · Apr 16, 2019 · Updated 6 years ago
- ☆11 · Oct 9, 2022 · Updated 3 years ago